DETAILED ACTION

This action is in response of the original filing of December 12, 2003. Claims 1-32 are pending 
and have been considered below. 

Examiner Note 

The applicant appears to be attempting to invoke 35 U.S.C. 112 6th paragraph in claim 30 by
using "means-plus-function" language. However, the Examiner notes that the only "means" for
performing these cited functions in the specification appears to be computer programs modules.
While the claims pass the first test of the three-prong test used to determine invocation of
paragraph 6, since no other specific structural limitations are disclosed in the specification, the
claims do not meet the other tests of the three-prong test. Therefore, 35 U.S.C. 112 6th paragraph
has not been invoked when considering these claims below.



Claim Objections 

1. Claim 17 is objected to under 37 CFR 1.75(c), as being of improper dependent form for
failing to further limit the subject matter of a previous claim. Applicant is required to cancel the
claims, or amend the claims to place the claim in proper dependent form, or rewrite the claims in
independent form. Claim 17, is improperly dependent on claim 1, because: the examiner notes
that the applicant is claiming a computer program in claims 17 which fail to add, delete, or
change any of the steps in the parent claim.

2. Claim 1 is objected because of the following informalities: the examiner notes the use of
acronyms (API) throughout the claim 1 without first including a description in plaintext, as
required.

Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

2. Claims 1-3, 5, 6, 9-12 are rejected under 35 U.S.C. 102(b) as being anticipated by Garg et
al (US 6289458). 

Claim 1: Garg et al discloses a system to provide access control to individual properties
of an object comprising:

a. A platform component that receives request to access an object by
an entity (a computer system comprises an operating system to control
applications and services running on the system) (column 3, lines 14-17);

b. A data store that stores security information on class of the objects (the
data structure includes an identifier used to indicated a specific object property or
set of properties to which the permission apply) (column 3, lines 35-40); and

c. A verification component that employs the security information to
verify that the entity has permission to call API for the object and/or
operate on the object (the access control module provide a centralize
standard mechanism to evaluate whether or not various request for
operations affecting objects should be granted or denied) (column 7,
lines 30-35).

Claim 2: Garg et al discloses a system to provide access control to individual
properties of an object as in claim 1, above and further discloses that the
verification component exposes the object if permission exists (the data
structures includes fields defining whether access is granted) (column 3, lines 30-35).

Claim 3: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further discloses that the verification component 
masks the object if permission does not exist (the data structures includes fields defining
whether access is deny) (column 3, lines 30-35).

Claim 5: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further discloses that the verification component 
facilitates that partners receive full access to API's and/or objects for which there is a
business need and partial or limited access to other API's or business objects (a system
user is granted and denied access to individual properties or sets of properties) (column 3,
lines 45-50).

Claim 6: Garg et al discloses a system to provide access control to individual properties
of an object as in claim 1, above and further discloses that the data store provides a
default or determined security information related to a class (the access control list
contains zero or more access control entries, which define the access control applied to
the object) (column 8, lines 34-38).

Claim 9: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further comprises a management portal to facilitate
authorization (file system manager maintains and coordinates access to file system)
(column 7, lines 25-29). 

Claim 10: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further comprises a component to provide an 
explicit security mapping for an object (the access control list contains zero or more
access control entries, which define the access control applied to the object. Each entry
in the list defines a set of permission to be applied to a particular UUSERID or
GROUPID with respect to either the object as a whole or individual properties of object. 
Desirably the order of entries in the access control list is significant) (column 8, lines 35- 
55). 



Claim 11: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further comprises a component to enable an 
implicit security mapping from an explicit mapped object or to derive an implicit security
permission by utilizing related objects (security descriptor provides details on the security
and access control applicable to object) (column 8, lines 25-30).

Claim 12: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1, above and further discloses that the authorization employs 
operating system identities to facilitates security authorization procedure (security 
descriptor contains various properties including the owner security identifier and access 
control list) (column 8, lines 27-30).



3. Claims 18-32 are rejected under 35 U.S.C. 102(b) as being anticipated by Corrigan et al
(US 6640097). 

Claim 18: Corrigan et al discloses a system to provide access control to individual
properties of an object comprising:

d. Storing one or more security options in a database, the security options
related to automate billing and provisioning system (in one embodiment, the
portal comprises a customer care provisioning interface and provisioning
database, said interface allowing network operator to access said database for
inputting and updating operator specific data for subscriber) (column 2, lines 65-69,
column 3, lines 1-3);

e. Assigning security options to a class (the platform comprises means for
controlling mobile subscriber access according to the security criteria) (column 2, 
lines9015); and 

f. Inheriting the security options by object members of the class (verification
of subscriber access rights is an intrinsic part of the session management functions
provided by the portal) (column 9, lines 17-20).

Claim 19: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 18 above, and further comprises at least one of explicit 
and implicit assigning the security options to object members of a class (security future 
such as white list or blacklist are used to authenticates access to particular services)
(column 5, lines 27-30). 

Claim 20: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 18 above, and further comprises accessing database via 
an application programming interface (in one embodiment, the portal comprises a secure 
web-bases self provisioning interface comprising means for setting mobile network 
subscribers to select a portfolio of personalized services) (column 2, lines 53-57).



Claim 21: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 20 above, and further authorizes the API (the node 
controls all subscriber accesses to the network operator managed service portfolio and
authenticates the ID to verify that the subscriber is authorized) (column 5, lines 33-38).

Claim 22: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 21 above, and further comprise returning an error code 
if an authorization procedure fails (the push server also support the push access protocol
result notification. It will acknowledge successful or report unsuccessful transmission 
and delivery of the information pushed and return a status) (column 11, lines 10-15). 

Claim 23: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 21 above, and further comprises analyzing a simple 
object request (a mobile user service request reaches the node as URL request in http 
format, and the node presents a login screen. The user inputs access security codes and 
the node interfaces on the internet side to have the required content delivered) (column 4,
lines 1-10).

Claim 24: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 21 above, and further comprises analyzing one or more 
security credentials (verification of subscriber access rights is an intrinsic part of the 
session management functions provided by the portal) (column 9, lines 15-20).

Claim 25: Corrigan et al discloses a system to provide access control to individual
properties of an object as in claim 24 above, and comprises employing a cache to process 
the credentials (portal comprises a customer care provisioning interface and a 
provisioning database) (column 2, lines 65-68, fig 2) 

Claim 26: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 18 above, and further comprises a subscription
platform service (the platform comprises means for controlling subscriber access
according to security criteria) (column 2, lines 5-10).

Claim 27: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 18 above, and further discloses that the security 
options are associated with default security parameters (a generic subscriber class which 
is defined within the portal and represents common characteristics of all subscribers)
(column 8, lines 44-48).

Claim 28: Corrigan et al discloses a system to provide access control to individual 
properties of an object as in claim 18 above, and further comprises overriding default
security parameters with other options (from the generic subscriber class are derived
many subscriber sub-class that allow the portal to manage subscriber profiles across a 
wide range of different technologies) (column 8, lines 47-50). 

Claim 29: Corrigan et al discloses a system to provide access control to individual
properties of an object as in claim 18 above, and further comprises employing an 
intermediate proxy that places call in a subscription on behalf of another tenant (the 
wireless application protocol (WAP) is a complete WAP capable mobile stations to 
access applications and services which may be hosted either within the network 
operator's own domain or in another location) (column 10, lines 50-55).

Claim 30: Corrigan et al discloses a system to provide access control to individual 
properties of an object comprising: 

Means for authenticating at least one entity attempting access to an online billing and 
service (subscriber authentication) (column 4, line 33); 

Means for authorizing the at least one entity (authorities subscriber access through white 
and black lists) (column 5, lines 50-55); and

Means for associating a security parameter with at least one business object from a 
globalize region of database (the data structure includes an identifier used to indicated a 
specific object property or set of properties to which the permission apply) (column 3, 
lines 35-40). 

Claim 31: Corrigan et al discloses a system to provide access control to individual 
properties of an object comprising: 

a. An application programming interface packet to identify a partner (authenticates 
the subscriber ID to verify that the subscriber is authorized) (column 5, lines 35-40);

b. A security credential packet to facilitate authorization of the partner (Authorized
subscriber access through white and black lists) (column 5, lines 50-55); and

c. A security parameter packet inherited by a business object to facilitate access to a
subscription platform database (the data structure includes an identifier used to indicated
a specific object property or set of properties to which the permission apply) (column 3, 
lines 35-40). 

Claim 32: Corrigan et al discloses a system to provide access control to individual 
properties of an object comprising:

a. At least one security field indicating global security parameters in a subscription 
platform database (Authorized subscriber access through white and black lists) (column 
5, lines 50-55); 

b. At least one object field associated with an account in the database (the portal 
comprises means for instantiating a payment management class) (column 3, lines 25-30);
and 

d. At least one class field to associate the security field object (the data structure
includes an identifier used to indicated a specific object property or set of properties to
which the permission apply) (column 3, lines 35-40).

Claim Rejections - 35 USC § 103

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 4, 7, 8, 13-17 are rejected under 35 U.S.C. 103(a) as being unpatentable over
Corrigan et al (US6640097). 

Claim 4: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not disclose that the system further comprise a 
subscription platform to facilitate automated billing and provisioning accounts. Corrigan
et al discloses a similar system, which provides billing and tariff generation with
configurable billing provisioning functions (column 4, lines 45-50). Therefore, it would 
have been obvious to one having ordinary skill in the art at the time of the invention was 
made to include subscription platform to facilitating automated billing and provisioning 
accounts. One would have been motivated to do so in order to facilitate accounts 
management. 

Claim 7: Garg et al and Corrigan et al disclose a system to provide access control to
individual properties of an object as in claim 6 above, and Corrigan et al further
comprises a component to override the default security information with higher or
different security options (from the generic subscriber class are derived many subscriber
sub-class that allow the portal to manage subscriber profiles across a wide range of
different technologies) (column 8, lines 47-50). It would have been obvious to one
having ordinary skill in the art at the time of the invention was made for Garg et al to 
override default security with higher or different security options. One would have been 
motivated to do in order to make the system efficient. 

Claim 8: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not explicitly disclose a component that
supports proxies tenant callers. Corrigan et al discloses a similar system to provide
access control to individual properties that further discloses the wireless application
protocol (WAP) is a complete WAP capable mobile stations to access applications and
services which may be hosted either within the network operator's own domain or in 
another location (column 10, lines 50-55). Therefore, it would have been obvious to one 
having ordinary skill in the art at the time of the invention was made for Garg et al to 
support proxies tenant callers. One would have been motivated to do in order to make 
the system flexible. 

Claim 13: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not explicitly disclose that the system further 
comprises at least one of a sign-up API caller, an account management API caller, and a
customer care API caller. Corrigan et al discloses a similar system to provide access 
control to individual properties that further discloses a customer care provisioning 
interface including a device provisioning function which enables the operator to ensure 
that content is matched to the device type (column 5, lines 10-15). Therefore, it would
have been obvious to one having ordinary skill in the art at the time of the invention was 
made for Garg et al to include a customer care API caller. One would have been 
motivated to do in order to simplify service management. 

Claim 14: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 13 above, but does not explicitly disclose that the system further 
comprises at least one API related to at least one of a sign-up API group, an account
management API group, a customer care API group, and object designer API group. 
Corrigan et al discloses a similar system to provide access control to individual 
properties that further a customer care provisioning interface including a device 
provisioning function which enables the operator to ensure that content is matched to the 
device type (column 5, lines 10-15). Therefore, it would have been obvious to one 
having ordinary skill in the art at the time of the invention was made for Garg et al to
include a customer care API group. One would have been motivated to do in order to 
make the system efficient. 

Claim 15: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not explicitly disclose that the system further
comprises an authorization logic that determines whether an API can access an object via 
an access rights set. Corrigan et al discloses a similar system to provide access control 
to individual properties that further discloses a node acting as a service manager for 
mobile subscriber. It controls all subscriber accesses to the network operators managed
service portfolio and authenticates the subscriber ID to verify that the subscriber is 
authorized to access a particular service before opening a secure connection (column 5, 
lines 35-40). Therefore, it would have been obvious to one having ordinary skill in the 
art at the time of the invention was made to include an authorization component in Garg 
et al. One would have been motivated to do so in order to restrict and control access to
various components and services provides within the system. 

Claim 16: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not explicitly disclose that the system further 
comprises at least one of a restricted audience offer, a conversion component, and a
payment instrument component. Corrigan et al discloses a similar system to provide 
access control to individual properties that further discloses a payment management class 
from which are derived two sub-classes post-paid and pre-paid (column 10, lines 20-25). 
Therefore, it would have been obvious to one having ordinary skill in the art at the time 
of the invention was made for Garg et al to include a payment component. One would 
have been motivated to do so in order to restrict and control access to various 
components and services provides within the system. 

Claim 17: Garg et al discloses a system to provide access control to individual properties 
of an object as in claim 1 above, but does not explicitly disclose that the system further 
comprises a computer executable instructions stored thereon to perform at least one of the
platform component and the verification component. Corrigan et al discloses a similar
system to provide access control to individual properties that further discloses a
verification component (column 9, lines 15-20). Therefore, it would have been obvious to
one having ordinary skill in the art at the time of the invention was made to include a 
verification component. One would have been motivated to do so in order to restrict and 
control access to various components and services provides within the system. 



Conclusion 

• The prior art made of record and not relied upon is considered pertinent to applicant's
disclosure. 

• Boebert et al (US 4713753) discloses a secure data processing system architecture with 
format control.

• Fabbio (US 5335346) discloses an access control policies for an object-oriented database 
including access control lists which span across object boundaries. 

• Shannon (US 6233618) discloses an access control of networked data. 

• Staamann et al (US 2003/0145094) discloses a Method and system for session based 
authorization and access control for networked application object. 



Any inquiry concerning this communication or earlier communications from the
examiner should be directed to Fatoumata Traore whose telephone number is (571) 270-1685.
The examiner can normally be reached Monday through Thursday from 7:30 a.m. to 4:30 p.m.
and every other Friday from 7:30 a.m. to 3:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Jim W. Myhre, can be reached on (571) 272 6722. The fax phone number for
Formal or Official faxes to Technology Center 2100 is (571) 273-3800. Draft or Informal faxes,
which will not be entered in the application, may be submitted directly to the examiner at (571) 
274-1685. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the Group Receptionist whose telephone number is (571) 272-2100. 




